This is a small devkey module for HopJS, it provides a basic framework for implementing devkeys.
We define a devkey as simply, a key which describes which is associated with a set of permissions.
//This key simply says - allow all callskey1:"*"//This key says - allow any call which has an input parameter of public=truekey2:"public:true"//This key says - allow any call which has an input of public=true and enabled=falsekey3:"public:true && enabled:false"//This key only works when the environmental variable NODE_ENV isn't set to productionkey4:"!$env.NODE_ENV:'production'"//This key defines specific permissions for specific functionskey5:"User.create":"email:/.+\.foo.com/""User.delete":"$session.user.email:/+.foo.com/""MailBox.*":"to:/.+foo.com/"//Don't allow this key to use IEkey6:"!$headers.agent:/MSIE/"
DevKeys can be used from a number of different providers:
var HopDevKey = ;//...//Tell hop to use the devkey moduleHop;/* Let's setup for how we want to manage dev keys1. Hit the memory cache for keys2. Hit the symmetric key provider3. Hit the redis cache key provider4. Hit the signed key provider5. Hit the http key provider*///Fifth we'll use an HTTP key providervar dkp = "";//Fourth we'll use an public/private key providervar skp = "key.pub"dkp;//Third we'll look in our redis cache for the keyvar rkp = skpredis3000;//Second we'll use a symmetic crypto key providervar ckp = "foofoo"rkp;//First we'll hit our memory cache of keysvar mkp = ckp100;//...Hop;
You will need to decide how you manage and generate them, here are some example scenarios: